From 88fbddc149cc27eff53ba5846923b41937d617b4 Mon Sep 17 00:00:00 2001 From: Azure Zanculmarktum Date: Tue, 20 Jul 2021 02:21:02 +0700 Subject: nixos/tests: add kbd-update-search-paths-patch --- nixos/tests/all-tests.nix | 1 + nixos/tests/kbd-update-search-paths-patch.nix | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 nixos/tests/kbd-update-search-paths-patch.nix (limited to 'nixos') diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 746139c481693..770aff2abbd39 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -204,6 +204,7 @@ in k3s = handleTest ./k3s.nix {}; kafka = handleTest ./kafka.nix {}; kbd-setfont-decompress = handleTest ./kbd-setfont-decompress.nix {}; + kbd-update-search-paths-patch = handleTest ./kbd-update-search-paths-patch.nix {}; kea = handleTest ./kea.nix {}; keepalived = handleTest ./keepalived.nix {}; keepassxc = handleTest ./keepassxc.nix {}; diff --git a/nixos/tests/kbd-update-search-paths-patch.nix b/nixos/tests/kbd-update-search-paths-patch.nix new file mode 100644 index 0000000000000..2967ee4890376 --- /dev/null +++ b/nixos/tests/kbd-update-search-paths-patch.nix @@ -0,0 +1,18 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "kbd-update-search-paths-patch"; + + machine = { pkgs, options, ... }: { + console = { + packages = options.console.packages.default ++ [ pkgs.terminus_font ]; + }; + }; + + testScript = '' + command = "${pkgs.kbd}/bin/setfont ter-112n 2>&1" + (status, out) = machine.execute(command) + pattern = re.compile(r".*Unable to find file:.*") + match = pattern.match(out) + if match: + raise Exception("command `{}` failed".format(command)) + ''; +}) -- cgit 1.4.1 From aa7608d7de402ad19919623797654e03ed907523 Mon Sep 17 00:00:00 2001 From: Maxine Aubrey Date: Sun, 18 Jul 2021 18:49:40 +0200 Subject: nixos/networkmanager: add firewallBackend option --- nixos/modules/services/networking/networkmanager.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'nixos') diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index 064018057cdbf..4be9fc952a870 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix @@ -49,6 +49,7 @@ let rc-manager = if config.networking.resolvconf.enable then "resolvconf" else "unmanaged"; + firewall-backend = cfg.firewallBackend; }) (mkSection "keyfile" { unmanaged-devices = @@ -244,6 +245,15 @@ in { ''; }; + firewallBackend = mkOption { + type = types.enum [ "iptables" "nftables" "none" ]; + default = "iptables"; + description = '' + Which firewall backend should be used for configuring masquerading with shared mode. + If set to none, NetworkManager doesn't manage the configuration at all. + ''; + }; + logLevel = mkOption { type = types.enum [ "OFF" "ERR" "WARN" "INFO" "DEBUG" "TRACE" ]; default = "WARN"; -- cgit 1.4.1 From ea125a5fd91af24c4405725c9c048f788bd70d12 Mon Sep 17 00:00:00 2001 From: Maxine Aubrey Date: Sun, 18 Jul 2021 18:50:20 +0200 Subject: nixos/nftables: set nm's firewallBackend when on when enabled, switch networkmanager's firewallBackend option to nftables --- nixos/modules/services/networking/nftables.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nixos') diff --git a/nixos/modules/services/networking/nftables.nix b/nixos/modules/services/networking/nftables.nix index cb75142965eae..72f37c32253e5 100644 --- a/nixos/modules/services/networking/nftables.nix +++ b/nixos/modules/services/networking/nftables.nix @@ -103,6 +103,7 @@ in }]; boot.blacklistedKernelModules = [ "ip_tables" ]; environment.systemPackages = [ pkgs.nftables ]; + networking.networkmanager.firewallBackend = mkDefault "nftables"; systemd.services.nftables = { description = "nftables firewall"; before = [ "network-pre.target" ]; -- cgit 1.4.1